refactor nix config a bit

2022-12-26 15:13:04 +01:00 · 2022-12-26 15:13:04 +01:00 · 424d48bdb1
parent 4b90002e45
commit 424d48bdb1
9 changed files with 182 additions and 238 deletions
--- a/flake.nix
+++ b/flake.nix
@ -53,13 +53,12 @@
    , ... }@inputs:
    let
      inherit (nixpkgs) lib;
      inherit (builtins) mapAttrs;
      util = import ./nixos/util.nix inputs;
      system = "x86_64-linux";
      # import and add realm to list of tags
-      hosts = mapAttrs util.add_realm_to_tags (import ./nixos/hosts);
+      hosts = util.add_realm_to_tags (import ./nixos/hosts);
      # flatten hosts to single list
      flat_hosts = util.flatten_hosts hosts;
      # Filter out all non-nixos hosts
--- a/nixos/hosts/hades/default.nix
+++ b/nixos/hosts/hades/default.nix
@ -1,228 +1,188 @@
-[
+{
-  {
+  "opnsense" = {
    hostname = "opnsense";
    ip = "192.168.0.1";
    mac = "00:0d:b9:56:b1:d8";
    nix = false;
-  }
+  };
-  {
+  "nyx-bmc" = {
    hostname = "nyx-bmc";
    ip = "192.168.0.99";
    mac = "d0:50:99:f3:fa:42";
    nix = false;
-  }
+  };
-  {
+  "nyx" = {
    hostname = "nyx";
    ip = "192.168.0.100";
    mac = "d0:50:99:de:99:4c";
    nix = false;
-  }
+  };
-  {
+  "unifi" = {
    hostname = "unifi";
    ip = "192.168.0.101";
    mac = "5a:00:b7:6c:d1:e2";
-  }
+  };
-  {
+  "plex" = {
    hostname = "plex";
    ip = "192.168.0.102";
    mac = "00:0c:29:a1:4e:28";
    nix = false;
-  }
+  };
-  {
+  "vault-0" = {
    hostname = "vault-0";
    ip = "192.168.0.103";
    mac = "7A:14:15:ED:D1:E6";
    tags = [ "vault" ];
-  }
+  };
-  {
+  "pmm" = {
    hostname = "pmm";
    ip = "192.168.0.104";
    mac = "7A:A3:59:1D:69:07";
-  }
+  };
-  {
+  "overseerr" = {
    hostname = "overseerr";
    ip = "192.168.0.105";
    mac = "8E:21:7F:88:3A:83";
-  }
+  };
-  {
+  "tautulli" = {
    hostname = "tautulli";
    ip = "192.168.0.106";
    mac = "BE:30:DB:F8:C6:55";
-  }
+  };
-  {
+  "MariaDB" = {
    hostname = "MariaDB";
    ip = "192.168.0.109";
    mac = "00:0c:29:23:4f:12";
    nix = false;
-  }
+  };
-  {
+  "bitwarden_rs" = {
    hostname = "bitwarden_rs";
    ip = "192.168.0.110";
    mac = "00:0c:29:f5:98:00";
    nix = false;
-  }
+  };
-  {
+  "rtorrent" = {
    hostname = "rtorrent";
    ip = "192.168.0.111";
    mac = "7a:5f:9b:62:49:91";
-  }
+  };
-  {
+  "minio" = {
    hostname = "minio";
    ip = "192.168.0.112";
    mac = "ae:c6:94:bb:c5:d9";
-  }
+  };
-  {
+  "cshub2" = {
    hostname = "cshub2";
    ip = "192.168.0.113";
    mac = "26:8c:f6:f4:21:76";
    nix = false;
-  }
+  };
-  {
+  "bastion" = {
    hostname = "bastion";
    ip = "192.168.0.114";
    mac = "66:14:8e:b2:50:c4";
-  }
+  };
-  {
+  "storage" = {
    hostname = "storage";
    ip = "192.168.0.115";
    mac = "00:50:56:91:0d:69";
    nix = false;
-  }
+  };
-  {
+  "unpackerr" = {
    hostname = "unpackerr";
    ip = "192.168.0.116";
    mac = "06:8a:8e:3e:43:45";
-  }
+  };
-  {
+  "thelounge" = {
    hostname = "thelounge";
    ip = "192.168.0.117";
    mac = "00:0c:29:2a:69:8f";
    nix = false;
-  }
+  };
-  {
+  "mail" = {
    hostname = "mail";
    ip = "192.168.0.118";
    mac = "00:50:56:91:3b:03";
    nix = false;
-  }
+  };
-  {
+  "bazarr" = {
    hostname = "bazarr";
    ip = "192.168.0.119";
    mac = "DE:7C:32:7E:DD:A1";
-  }
+  };
-  {
+  "radarr2" = {
    hostname = "radarr2";
    ip = "192.168.0.120";
    mac = "5e:d3:75:93:56:ee";
    profile = "radarr";
-  }
+  };
-  {
+  "jackett2" = {
    hostname = "jackett2";
    ip = "192.168.0.121";
    mac = "4e:e7:64:b7:88:b8";
    profile = "jackett";
    nix = false; # superseded by prowlarr 
-  }
+  };
-  {
+  "nginx" = {
    hostname = "nginx";
    ip = "192.168.0.123";
    mac = "00:0c:29:9b:10:82";
    nix = false;
-  }
+  };
-  {
+  "pve-storage" = {
    hostname = "pve-storage";
    ip = "192.168.0.124";
    mac = "d4:3d:7e:35:0a:bf";
    nix = false;
-  }
+  };
-  {
+  "database" = {
    hostname = "database";
    ip = "192.168.0.126";
    mac = "82:e8:71:7f:37:b4";
-  }
+  };
-  {
+  "dn42" = {
    hostname = "dn42";
    ip = "192.168.0.127";
    mac = "12:fa:24:02:65:e6";
    nix = false;
-  }
+  };
-  {
+  "docker-registry-proxy" = {
    hostname = "docker-registry-proxy";
    ip = "192.168.0.128";
    mac = "0e:11:65:62:66:9f";
-  }
+  };
-  {
+  "hassio" = {
    hostname = "hassio";
    ip = "192.168.0.129";
    mac = "e6:80:32:fb:00:75";
    nix = false;
-  }
+  };
-  {
+  "docker-registry" = {
    hostname = "docker-registry";
    ip = "192.168.0.130";
    mac = "5e:0e:a6:cf:64:70";
-  }
+  };
-  {
+  "minecraft" = {
    hostname = "minecraft";
    ip = "192.168.0.131";
    mac = "00:0c:29:9b:e1:c4";
    nix = false;
-  }
+  };
-  {
+  "sonarr2" = {
    hostname = "sonarr2";
    ip = "192.168.0.132";
    mac = "ea:ac:be:53:18:27";
    profile = "sonarr";
-  }
+  };
-  {
+  "postgres" = {
    hostname = "postgres";
    ip = "192.168.0.133";
    mac = "6e:92:a9:5e:4c:e2";
    nix = false;
-  }
+  };
-  {
+  "vault" = {
    hostname = "vault";
    ip = "192.168.0.134";
    mac = "56:20:62:16:8a:11";
    nix = false;
-  }
+  };
-  {
+  "vmetrics" = {
    hostname = "vmetrics";
    ip = "192.168.0.135";
    mac = "96:10:41:fd:2a:0a";
    nix = false;
-  }
+  };
-  {
+  "mastodon" = {
    hostname = "mastodon";
    ip = "192.168.0.138";
    mac = "52:60:8a:06:86:9c";
-  }
+  };
-  {
+  "lidarr" = {
    hostname = "lidarr";
    ip = "192.168.0.139";
    mac = "7a:0f:25:e5:7f:e5";
    nix = false;
-  }
+  };
-  {
+  "prowlarr" = {
    hostname = "prowlarr";
    ip = "192.168.0.140";
    mac = "3a:67:8e:98:0c:a2";
-  }
+  };
-  {
+  "readarr" = {
    hostname = "readarr";
    ip = "192.168.0.141";
    mac = "E6:A2:37:4A:7C:87";
-  }
+  };
-  {
+  "archlinux" = {
    hostname = "archlinux";
    ip = "192.168.0.200";
    mac = "00:0c:29:e4:0d:17";
    nix = false;
-  }
+  };
-  {
+  "HP781AFC" = {
    hostname = "HP781AFC";
    ip = "192.168.0.201";
    mac = "f4:ce:46:78:1a:fc";
    nix = false;
-  }
+  };
-]
+}
--- a/nixos/hosts/olympus/default.nix
+++ b/nixos/hosts/olympus/default.nix
@ -1,56 +1,48 @@
-[
+{
-  {
+  "edgerouter" = {
    hostname = "edgerouter";
    ip = "10.42.42.1";
    ip6 = "2001:41f0:9639:1:b6fb:e4ff:fe53:9c0";
    mac = "B4:FB:E4:53:9C:0A";
    nix = false;
-  }
+  };
-  {
+  "unifi-ap" = {
    hostname = "unifi-ap";
    ip = "10.42.42.2";
    mac = "b4:fb:e4:f3:ff:1b";
    nix = false;
-  }
+  };
-  {
+  "dhcp" = {
    hostname = "dhcp";
    ip = "10.42.42.3";
    mac = "3E:2D:E8:AA:E2:81";
    tags = [ "networking" ];
-  }
+  };
-  {
+  "bastion" = {
    hostname = "bastion";
    ip = "10.42.42.4";
    ip6 = "2001:41f0:9639:1:80f0:7cff:fecb:bd6d";
    mac = "82:F0:7C:CB:BD:6D";
    type = "vm";
-  }
+  };
-  {
+  "vault" = {
    hostname = "vault";
    ip = "10.42.42.6";
    mac = "16:2B:87:55:0C:0C";
    profile = "vault-0";
    tags = [ "vault" ];
-  }
+  };
-  {
+  "mosquitto" = {
    hostname = "mosquitto";
    ip = "10.42.42.7";
    mac = "C6:F9:8B:3D:9E:37";
-  }
+  };
-  {
+  "home-assistant" = {
    hostname = "home-assistant";
    ip = "10.42.42.8";
    ip6 = "2001:41f0:9639:1:bfe7:3fd9:75de:cbee";
    mac = "9E:60:78:ED:81:B4";
    nix = false;
-  }
+  };
-  {
+  "nginx" = {
    hostname = "nginx";
    ip = "10.42.42.9";
    ip6 = "2001:41f0:9639:1:68c2:89ff:fe85:cfa6";
    mac = "6A:C2:89:85:CF:A6";
    tags = [ "web" ];
-  }
+  };
  # {
  #   hostname = "k3s-node1";
  #   profile = "k3s";
@ -58,133 +50,110 @@
  #   mac = "2E:F8:55:23:D9:9B";
  #   type = "vm";
  # }
-  {
+  "WoolooTV" = {
    hostname = "WoolooTV";
    ip = "10.42.42.13";
    mac = "74:40:be:48:85:a4";
    nix = false;
-  }
+  };
-  {
+  "outline" = {
    hostname = "outline";
    mac = "52:13:EB:FD:87:F0";
    ip = "10.42.42.14";
-  }
+  };
-  {
+  "dns-1" = {
    hostname = "dns-1";
    profile = "dns";
    ip = "10.42.42.15";
    mac = "5E:F6:36:23:16:E3";
    tags = [ "dns" "networking" ];
-  }
+  };
-  {
+  "dns-2" = {
    hostname = "dns-2";
    profile = "dns";
    ip = "10.42.42.16";
    mac = "B6:04:0B:CD:0F:9F";
    tags = [ "dns" "networking" ];
-  }
+  };
-  {
+  "minio" = {
    hostname = "minio";
    ip = "10.42.42.17";
    mac = "0A:06:5E:E7:9A:0C";
-  }
+  };
-  {
+  "mailserver" = {
    hostname = "mailserver";
    ip = "10.42.42.18";
    mac = "AA:F2:3D:5E:B3:40";
-  }
+  };
-  {
+  "victoriametrics" = {
    hostname = "victoriametrics";
    ip = "10.42.42.19";
    mac = "9E:91:61:35:84:1F";
-  }
+  };
-  {
+  "unifi" = {
    hostname = "unifi";
    ip = "10.42.42.20";
    mac = "1A:88:A0:B0:65:B4";
-  }
+  };
-  {
+  "minecraft" = {
    hostname = "minecraft";
    ip = "10.42.42.21";
    mac = "EA:30:73:E4:B6:69";
    nix = false;
-  }
+  };
-  {
+  "gitea" = {
    hostname = "gitea";
    ip = "10.42.42.22";
    mac = "DE:5F:B0:83:6F:34";
-  }
+  };
-  {
+  "hedgedoc" = {
    hostname = "hedgedoc";
    ip = "10.42.42.23";
    mac = "86:BC:0C:18:BC:9B";
-  }
+  };
-  {
+  "zmeura" = {
    hostname = "zmeura";
    ip = "10.42.42.24";
    mac = "b8:27:eb:d5:e0:f5";
    nix = false;
-  }
+  };
-  {
+  "wireguard" = {
    hostname = "wireguard";
    ip = "10.42.42.25";
    mac = "1E:ED:97:2C:C3:9D";
-  }
+  };
-  {
+  "database" = {
    hostname = "database";
    ip = "10.42.42.26";
    mac = "CE:6E:96:87:18:1B";
-  }
+  };
-  {
+  "bookwyrm" = {
    hostname = "bookwyrm";
    ip = "10.42.42.27";
    mac = "9E:8A:6C:39:27:DE";
    nix = false;
-  }
+  };
-  {
+  "synapse" = {
    hostname = "synapse";
    ip = "10.42.42.28";
    mac = "9E:86:D3:46:EE:AE";
-  }
+  };
-  {
+  "keycloak" = {
    hostname = "keycloak";
    ip = "10.42.42.29";
    mac = "A6:09:1D:A8:81:28";
-  }
+  };
-  {
+  "vault-1" = {
    hostname = "vault-1";
    ip = "10.42.42.30";
    mac = "26:69:0E:7C:B3:79";
    profile = "vault-1";
    tags = [ "vault" ];
-  }
+  };
-  {
+  "vaultwarden" = {
    hostname = "vaultwarden";
    ip = "10.42.42.31";
    mac = "96:61:03:16:63:98";
-  }
+  };
-  {
+  "ntfy" = {
    hostname = "ntfy";
    ip = "10.42.42.32";
    mac = "7A:17:9E:80:72:01";
-  }
+  };
-  {
+  "woodpecker" = {
    hostname = "woodpecker";
    ip = "10.42.42.33";
    mac = "1E:24:DA:DB:4A:1A";
-  }
+  };
-  {
+  "nuc" = {
    hostname = "nuc";
    ip = "10.42.42.42";
    ip6 = "2001:41f0:9639:1::42";
    mac = "1C:69:7A:62:30:88";
    nix = false;
-  }
+  };
-  {
+  "eevee" = {
    hostname = "eevee";
    ip = "10.42.42.69";
    ip6 = "2001:41f0:9639:1:a83:e416:dc99:5ed3";
    mac = "34:97:f6:93:9A:AA";
    nix = false;
-  }
+  };
-]
+}
--- a/nixos/hosts/olympus/dhcp/configuration.nix
+++ b/nixos/hosts/olympus/dhcp/configuration.nix
@ -1,13 +1,16 @@
 { config, pkgs, hosts, ... }:
 let
  inherit (builtins) filter hasAttr;
  inherit (pkgs.lib.attrsets) mapAttrsToList;
  hostToDhcp = { hostname, mac, ip, ... }: {
    ethernetAddress = mac;
    hostName = hostname;
    ipAddress = ip;
  };
  localDomain = config.networking.domain;
-  hosts' = filter (h: hasAttr "ip" h && hasAttr "mac" h) hosts.${localDomain};
+  # TODO: Alternatively filter on flat_hosts where realm == localDomain
  local_hosts = mapAttrsToList (name: value: value // { hostname = name; }) hosts.${localDomain};
  hosts' = filter (h: hasAttr "ip" h && hasAttr "mac" h) local_hosts;
 in {
  imports = [ ];
--- a/nixos/hosts/thalassa/aoife/README.md
+++ b/nixos/hosts/thalassa/aoife/README.md
@ -0,0 +1,15 @@
 # Aoife
 This is the NixOS config for my laptop `aoife`.
 ## Hardware
 This is a Thinkpad Z16 Gen 1.
 **CPU**: AMD Ryzen 9 PRO 6950H (16 cores) @ 4.935GHz
 **RAM**: 32GB LPDDR5 6400MHz
 **SCREEN**: 16" 3840 x 2400 OLED
 **GPU**: AMD Radeon™ RX 6500M, 4 GB, GDDR6
 ## Software
 **OS**: NixOS
 **DE**: Gnome
 **Shell**: ZSH (grml)
--- a/nixos/hosts/thalassa/aoife/networking.nix
+++ b/nixos/hosts/thalassa/aoife/networking.nix
@ -1,4 +1,4 @@
-{ ... }: {
+_: {
  networking.networkmanager.enable = true;
  networking.firewall.checkReversePath = false;
  # networking.firewall.enable = false;
--- a/nixos/hosts/thalassa/default.nix
+++ b/nixos/hosts/thalassa/default.nix
@ -1,10 +1,4 @@
-[
+{
-  {
+  "null" = { type = "local"; };
-    hostname = "null";
+  "aoife" = { type = "local"; };
-    type = "local";
+}
  }
  {
    hostname = "aoife";
    type = "local";
  }
 ]
--- a/nixos/util.nix
+++ b/nixos/util.nix
@ -1,7 +1,7 @@
 { nixpkgs, home-manager, hyprland, mailserver, ... }:
 let
-  inherit (builtins) filter attrValues concatLists;
+  inherit (builtins) filter attrValues concatMap mapAttrs;
-
+  inherit (nixpkgs.lib.attrsets) mapAttrsToList;
  # Helper function to resolve what should be imported depending on the type of config (lxc, vm, bare metal)
  resolve_imports = let
    # lookup table
@ -22,14 +22,19 @@ let
  ] ++ import_cases.${type};
 in {
  # Add to whatever realm a host belong to its list of tags
-  add_realm_to_tags = realm:
+  add_realm_to_tags = mapAttrs (realm:
-    map ({ tags ? [ ], ... }@host:
+    mapAttrs (hostname:
      { tags ? [ ], ... }@host:
      host // {
        tags = [ realm ] ++ tags;
        inherit realm;
-      });
+      }));
  # Flatten all hosts to a single list
-  flatten_hosts = hosts: concatLists (attrValues hosts);
+  flatten_hosts = realms:
    concatMap (mapAttrsToList (name: value: value // { hostname = name; }))
    (attrValues realms);
  # Filter out all hosts which aren't nixos
  filter_nix_hosts = filter ({ nix ? true, ... }: nix);
--- a/notes/ideas.md
+++ b/notes/ideas.md
@ -8,7 +8,6 @@ Re-use `hosts` setup and add domain and port information to each host
    # new stuff
    exposes = {
        requests = {
    port = 3000;
            domain = "requests.xirion.net";
            port = 3000;
        };